Privacy policy updates. Closes #2276 (#2419)

* Privacy policy updates. Closes #2276

* Improve policies timestamp generation

* Remove leftover debug print

* Python3 all the things

Also uses the short hash for policy commits

* More master->main.

Co-authored-by: RabsRincon <ruben@rinconblanco.es>
This commit is contained in:
Matt Godbolt
2021-02-14 17:09:13 -06:00
committed by GitHub
parent 158c84e64f
commit ed7f003651
7 changed files with 36 additions and 23 deletions

View File

@@ -110,9 +110,9 @@ install-git-hooks: ## Install git hooks that will ensure code is linted and tes
.PHONY: install-git-hooks
changelog: ## Create the changelog
python ./etc/scripts/changelog.py
python3 ./etc/scripts/changelog.py
policies:
python ./etc/scripts/politic.py
python3 ./etc/scripts/politic.py
.PHONY: changelog
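Review bot: the `policies:` target has no `## ` description and no `.PHONY` declaration of its own; the `.PHONY: changelog` line after it belongs to the target above. Since this hunk already touches the recipe, consider adding `.PHONY: policies` and a `## ` comment so the target is documented the same way as `changelog` and still runs if a file named `policies` ever appears. It is also worth confirming that every build environment has `python3` on PATH now that the bare `python` invocation is gone.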

View File

@@ -52,7 +52,7 @@ def format_commit(url, commit):
try:
return commit_template.format(url, grouped_commit[0], html_escape(grouped_commit[1]))
except Exception as e:
print('There was an error in changelog.py: {}'.format(e))
print(f'There was an error in changelog.py: {e}')
return ''

View File

@@ -26,25 +26,26 @@
import subprocess
import re
date_placeholder = '(<time id="changed-date">).*(</time>)'
date_placeholder = '(<span id="last-changed">).*(</span>)'
date_placeholder_regex = re.compile(date_placeholder)
def check_policy_file(police_name):
policy_path = 'static/policies/{}.html'.format(police_name)
privacy_output = subprocess.check_output(['git', 'log', '-1', '--format=%cd', policy_path]).decode('utf-8').rstrip()
policy_path = f"static/policies/{police_name}.html"
policy_last_time = subprocess.check_output(['git', 'log', '-1', '--format=%cd', policy_path]).decode('utf-8').rstrip()
if len(privacy_output) == 0:
print('No need to update {}'.format(policy_path))
if len(policy_last_time) == 0:
print(f'No need to update {policy_path}')
return
print('Setting policy {} last updated time to {}'.format(policy_path, privacy_output))
policy_last_commit = subprocess.check_output(['git', 'log', '-1', '--format=%h', policy_path]).decode('utf-8').rstrip()
print(f'Setting policy {policy_path} last updated time to {policy_last_time} with commit {policy_last_commit}')
f = open(policy_path, 'r')
file_lines = f.readlines()
f.close()
with open(policy_path, 'w') as f:
for line in file_lines:
if re.match(date_placeholder_regex, line):
f.write(re.sub(date_placeholder_regex, '\\1Last changed on: {}\\2'.format(privacy_output), line))
f.write(re.sub(date_placeholder_regex, f'\\1Last changed on: <time id="changed-date" datetime="{policy_last_time}">{policy_last_time}</time> <i>(<a href="https://github.com/compiler-explorer/compiler-explorer/commit/{policy_last_commit}" target="_blank">diff</a>)</i>\\2', line))
else:
f.write(line)
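Review bot: `--format=%cd` returns git's default date layout, and the new replacement string places that value in the `datetime` attribute of `<time id="changed-date">`, which the client code then passes to `new Date(...)`; that layout is not a valid `datetime` value, and JavaScript parsing of non-ISO date strings is implementation-dependent. Prefer `--format=%cI` (strict ISO 8601 committer date) for the attribute and keep a human-readable form as the element text. The generated `<a ... target="_blank">` also lacks the `rel="noreferrer noopener"` that the AUTHORS link in the privacy policy carries, and the two `git log` calls on the same path could be a single call that returns both the date and the short hash.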

View File

@@ -49,6 +49,7 @@ Alert.prototype.alert = function (title, body, onClose) {
modal.off('hidden.bs.modal');
modal.on('hidden.bs.modal', onClose);
}
return modal;
};
/***

View File

@@ -135,10 +135,12 @@ function setupButtons(options) {
// so we instead trigger a click here when we want it to open with this effect. Sorry!
if (options.policies.privacy.enabled) {
$('#privacy').click(function (event, data) {
alertSystem.alert(
var modal = alertSystem.alert(
data && data.title ? data.title : 'Privacy policy',
require('./policies/privacy.html')
);
var timestamp = modal.find('#changed-date');
timestamp.text(new Date(timestamp.attr('datetime')).toLocaleString());
// I can't remember why this check is here as it seems superfluous
if (options.policies.privacy.enabled) {
jsCookie.set(options.policies.privacy.key, options.policies.privacy.hash, {expires: 365});
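Review bot: `timestamp.text(new Date(timestamp.attr('datetime')).toLocaleString())` overwrites the build-time text unconditionally, so if the attribute value does not parse, the user sees "Invalid Date" in place of a readable timestamp. Build the `Date` first, check `isNaN(date.getTime())`, and leave the existing text alone on failure. The same two lines are repeated in the `#cookies` handler further down; a small shared helper that takes the modal would keep the two in sync.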
@@ -153,7 +155,7 @@ function setupButtons(options) {
(hasCookieConsented(options) ? 'Granted' : 'Denied') + '</span></p>';
};
$('#cookies').click(function () {
alertSystem.ask(getCookieTitle(), $(require('./policies/cookies.html')), {
var modal = alertSystem.ask(getCookieTitle(), $(require('./policies/cookies.html')), {
yes: function () {
simpleCooks.callDoConsent.apply(simpleCooks);
},
@@ -163,6 +165,8 @@ function setupButtons(options) {
},
noHtml: 'Do NOT consent',
});
var timestamp = modal.find('#changed-date');
timestamp.text(new Date(timestamp.attr('datetime')).toLocaleString());
});
}
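Review bot: `modal.find('#changed-date')` in the `#cookies` handler depends on `alertSystem.ask(...)` returning the modal, but the only change to the alert module shown in this commit adds `return modal;` to `Alert.prototype.alert`. If `ask` does not already return the modal element, this handler throws on `modal.find`; please confirm, or add the same return to `ask`.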

View File

@@ -10,7 +10,7 @@ Be aware: modifying this file in any way will cause a pop-up to users telling th
<!--
No need to update this! It's done by the CLI build process
-->
<time id="changed-date"></time>
<span id="last-changed"></span>
<h2>Compiler Explorer Cookie Policy</h2>
<p>
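Review bot: the header of this file warns that modifying it "in any way will cause a pop-up to users", and this hunk changes only the placeholder element, not the policy text. If that pop-up is keyed on the file contents, the `<time>` to `<span>` swap, and every timestamp the build later writes into the span, will re-prompt users about an unchanged cookie policy. Please confirm that is intended, or exclude the `last-changed` line from whatever triggers the prompt.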

View File

@@ -10,7 +10,7 @@ Be aware: modifying this file in any way will cause a pop-up to users telling th
<!--
No need to update this! It's done by the CLI build process
-->
<time id="changed-date"></time>
<span id="last-changed"></span>
<h2>Compiler Explorer Privacy Policy</h2>
<p>
@@ -24,7 +24,7 @@ No need to update this! It's done by the CLI build process
Compiler Explorer was created by and is primarily administrated by
<a href="mailto:matt@godbolt.org">Matt Godbolt</a>,
along with a number of volunteers (including, but not limited to those listed in our "<a
href="https://github.com/compiler-explorer/compiler-explorer/blob/master/AUTHORS.md" target="_blank"
href="https://github.com/compiler-explorer/compiler-explorer/blob/main/AUTHORS.md" target="_blank"
rel="noreferrer noopener">Authors</a>" documentation).
It is run on a best-effort basis, and is not a commercial product. We do our best
to keep your data safe, but welcome help from the community: See our
@@ -85,21 +85,28 @@ No need to update this! It's done by the CLI build process
the short URL provider, not Compiler Explorer.
</p>
<h4>Web logs</h4>
<h4>Application, web and error logs</h4>
<p>
Compiler Explorer keeps web logs, which contain semi-anonymised IP addresses, but no other personally identifying
information. When a long URL is clicked, the hash part of the URL is not sent to the server, so the user state
(including the source code) is NOT exposed in the web log. If a user clicks a short URL, then the short form IS
exposed in the web log (as <code>https://godbolt.org/g/SHORTURLPART</code>) and from this the source code can be
Compiler Explorer keeps application logs, which contain semi-anonymised IP addresses, but no other personally
identifying information. When a long URL is clicked, the hash part of the URL is not sent to the server, so the user
state (including the source code) is NOT exposed in the web log. If a user clicks a short URL, then the short form
IS exposed in the web log (as <code>https://godbolt.org/g/SHORTURLPART</code>) and from this the source code can be
retrieved. As such, if you create a short URL of your code, your source code and other user state can in principle
be retrieved from the web log of Compiler Explorer.
</p>
<p>
In order to debug and diagnose Compiler Explorer, to help track down and block Denial of Service attacks, and to
gather statistics about Compiler Explorer's performance and usage, the web logs are archived. These logs are kept
for one month, after which they are permanently deleted.
Compiler Explorer uses Amazon's web serving, load balancing and edge caching systems. In order to debug and diagnose
Compiler Explorer, to help track down and block Denial of Service attacks, and to gather statistics about Compiler
Explorer's performance and usage, the logs from these systems are archived. These logs contain the full IP addresses
of requests. Thy are kept for no more than one month, after which they are permanently deleted.
</p>
<p>
If your web browser experiences an error, we use a third party reporting system (<a
href="https://sentry.io/">Sentry</a>). This keeps information, including your IP address and web browser user
agent, for no more than 90 days.
</p>
<h4>Executing your code</h4>
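Review bot: typo in the new archive paragraph: "Thy are kept" should be "They are kept". The first paragraph now opens with "application logs" but still refers to "the web log" in the sentences that follow, and it says the logs hold "semi-anonymised IP addresses" while the next paragraph says the Amazon logs "contain the full IP addresses". Since this is a privacy statement, name each log consistently and state which one stores which form of address, so a reader can tell where their full IP address is retained and for how long.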